1 (* Title: HOL/MicroJava/BV/Typing_Framework_err.thy |
|
2 ID: $Id$ |
|
3 Author: Gerwin Klein |
|
4 Copyright 2000 TUM |
|
5 |
|
6 *) |
|
7 |
|
8 header {* \isaheader{Lifting the Typing Framework to err, app, and eff} *} |
|
9 |
|
10 theory Typing_Framework_err |
|
11 imports Typing_Framework SemilatAlg |
|
12 begin |
|
13 |
|
14 constdefs |
|
15 |
|
16 wt_err_step :: "'s ord \<Rightarrow> 's err step_type \<Rightarrow> 's err list \<Rightarrow> bool" |
|
17 "wt_err_step r step ts \<equiv> wt_step (Err.le r) Err step ts" |
|
18 |
|
19 wt_app_eff :: "'s ord \<Rightarrow> (nat \<Rightarrow> 's \<Rightarrow> bool) \<Rightarrow> 's step_type \<Rightarrow> 's list \<Rightarrow> bool" |
|
20 "wt_app_eff r app step ts \<equiv> |
|
21 \<forall>p < size ts. app p (ts!p) \<and> (\<forall>(q,t) \<in> set (step p (ts!p)). t <=_r ts!q)" |
|
22 |
|
23 map_snd :: "('b \<Rightarrow> 'c) \<Rightarrow> ('a \<times> 'b) list \<Rightarrow> ('a \<times> 'c) list" |
|
24 "map_snd f \<equiv> map (\<lambda>(x,y). (x, f y))" |
|
25 |
|
26 error :: "nat \<Rightarrow> (nat \<times> 'a err) list" |
|
27 "error n \<equiv> map (\<lambda>x. (x,Err)) [0..<n]" |
|
28 |
|
29 err_step :: "nat \<Rightarrow> (nat \<Rightarrow> 's \<Rightarrow> bool) \<Rightarrow> 's step_type \<Rightarrow> 's err step_type" |
|
30 "err_step n app step p t \<equiv> |
|
31 case t of |
|
32 Err \<Rightarrow> error n |
|
33 | OK t' \<Rightarrow> if app p t' then map_snd OK (step p t') else error n" |
|
34 |
|
35 app_mono :: "'s ord \<Rightarrow> (nat \<Rightarrow> 's \<Rightarrow> bool) \<Rightarrow> nat \<Rightarrow> 's set \<Rightarrow> bool" |
|
36 "app_mono r app n A \<equiv> |
|
37 \<forall>s p t. s \<in> A \<and> p < n \<and> s <=_r t \<longrightarrow> app p t \<longrightarrow> app p s" |
|
38 |
|
39 |
|
40 lemmas err_step_defs = err_step_def map_snd_def error_def |
|
41 |
|
42 |
|
43 lemma bounded_err_stepD: |
|
44 "bounded (err_step n app step) n \<Longrightarrow> |
|
45 p < n \<Longrightarrow> app p a \<Longrightarrow> (q,b) \<in> set (step p a) \<Longrightarrow> |
|
46 q < n" |
|
47 apply (simp add: bounded_def err_step_def) |
|
48 apply (erule allE, erule impE, assumption) |
|
49 apply (erule_tac x = "OK a" in allE, drule bspec) |
|
50 apply (simp add: map_snd_def) |
|
51 apply fast |
|
52 apply simp |
|
53 done |
|
54 |
|
55 |
|
56 lemma in_map_sndD: "(a,b) \<in> set (map_snd f xs) \<Longrightarrow> \<exists>b'. (a,b') \<in> set xs" |
|
57 apply (induct xs) |
|
58 apply (auto simp add: map_snd_def) |
|
59 done |
|
60 |
|
61 |
|
62 lemma bounded_err_stepI: |
|
63 "\<forall>p. p < n \<longrightarrow> (\<forall>s. ap p s \<longrightarrow> (\<forall>(q,s') \<in> set (step p s). q < n)) |
|
64 \<Longrightarrow> bounded (err_step n ap step) n" |
|
65 apply (clarsimp simp: bounded_def err_step_def split: err.splits) |
|
66 apply (simp add: error_def image_def) |
|
67 apply (blast dest: in_map_sndD) |
|
68 done |
|
69 |
|
70 |
|
71 lemma bounded_lift: |
|
72 "bounded step n \<Longrightarrow> bounded (err_step n app step) n" |
|
73 apply (unfold bounded_def err_step_def error_def) |
|
74 apply clarify |
|
75 apply (erule allE, erule impE, assumption) |
|
76 apply (case_tac s) |
|
77 apply (auto simp add: map_snd_def split: split_if_asm) |
|
78 done |
|
79 |
|
80 |
|
81 lemma le_list_map_OK [simp]: |
|
82 "\<And>b. map OK a <=[Err.le r] map OK b = (a <=[r] b)" |
|
83 apply (induct a) |
|
84 apply simp |
|
85 apply simp |
|
86 apply (case_tac b) |
|
87 apply simp |
|
88 apply simp |
|
89 done |
|
90 |
|
91 |
|
92 lemma map_snd_lessI: |
|
93 "x <=|r| y \<Longrightarrow> map_snd OK x <=|Err.le r| map_snd OK y" |
|
94 apply (induct x) |
|
95 apply (unfold lesubstep_type_def map_snd_def) |
|
96 apply auto |
|
97 done |
|
98 |
|
99 |
|
100 lemma mono_lift: |
|
101 "order r \<Longrightarrow> app_mono r app n A \<Longrightarrow> bounded (err_step n app step) n \<Longrightarrow> |
|
102 \<forall>s p t. s \<in> A \<and> p < n \<and> s <=_r t \<longrightarrow> app p t \<longrightarrow> step p s <=|r| step p t \<Longrightarrow> |
|
103 mono (Err.le r) (err_step n app step) n (err A)" |
|
104 apply (unfold app_mono_def mono_def err_step_def) |
|
105 apply clarify |
|
106 apply (case_tac s) |
|
107 apply simp |
|
108 apply simp |
|
109 apply (case_tac t) |
|
110 apply simp |
|
111 apply clarify |
|
112 apply (simp add: lesubstep_type_def error_def) |
|
113 apply clarify |
|
114 apply (drule in_map_sndD) |
|
115 apply clarify |
|
116 apply (drule bounded_err_stepD, assumption+) |
|
117 apply (rule exI [of _ Err]) |
|
118 apply simp |
|
119 apply simp |
|
120 apply (erule allE, erule allE, erule allE, erule impE) |
|
121 apply (rule conjI, assumption) |
|
122 apply (rule conjI, assumption) |
|
123 apply assumption |
|
124 apply (rule conjI) |
|
125 apply clarify |
|
126 apply (erule allE, erule allE, erule allE, erule impE) |
|
127 apply (rule conjI, assumption) |
|
128 apply (rule conjI, assumption) |
|
129 apply assumption |
|
130 apply (erule impE, assumption) |
|
131 apply (rule map_snd_lessI, assumption) |
|
132 apply clarify |
|
133 apply (simp add: lesubstep_type_def error_def) |
|
134 apply clarify |
|
135 apply (drule in_map_sndD) |
|
136 apply clarify |
|
137 apply (drule bounded_err_stepD, assumption+) |
|
138 apply (rule exI [of _ Err]) |
|
139 apply simp |
|
140 done |
|
141 |
|
142 lemma in_errorD: |
|
143 "(x,y) \<in> set (error n) \<Longrightarrow> y = Err" |
|
144 by (auto simp add: error_def) |
|
145 |
|
146 lemma pres_type_lift: |
|
147 "\<forall>s\<in>A. \<forall>p. p < n \<longrightarrow> app p s \<longrightarrow> (\<forall>(q, s')\<in>set (step p s). s' \<in> A) |
|
148 \<Longrightarrow> pres_type (err_step n app step) n (err A)" |
|
149 apply (unfold pres_type_def err_step_def) |
|
150 apply clarify |
|
151 apply (case_tac b) |
|
152 apply simp |
|
153 apply (case_tac s) |
|
154 apply simp |
|
155 apply (drule in_errorD) |
|
156 apply simp |
|
157 apply (simp add: map_snd_def split: split_if_asm) |
|
158 apply fast |
|
159 apply (drule in_errorD) |
|
160 apply simp |
|
161 done |
|
162 |
|
163 |
|
164 |
|
165 text {* |
|
166 There used to be a condition here that each instruction must have a |
|
167 successor. This is not needed any more, because the definition of |
|
168 @{term error} trivially ensures that there is a successor for |
|
169 the critical case where @{term app} does not hold. |
|
170 *} |
|
171 lemma wt_err_imp_wt_app_eff: |
|
172 assumes wt: "wt_err_step r (err_step (size ts) app step) ts" |
|
173 assumes b: "bounded (err_step (size ts) app step) (size ts)" |
|
174 shows "wt_app_eff r app step (map ok_val ts)" |
|
175 proof (unfold wt_app_eff_def, intro strip, rule conjI) |
|
176 fix p assume "p < size (map ok_val ts)" |
|
177 hence lp: "p < size ts" by simp |
|
178 hence ts: "0 < size ts" by (cases p) auto |
|
179 hence err: "(0,Err) \<in> set (error (size ts))" by (simp add: error_def) |
|
180 |
|
181 from wt lp |
|
182 have [intro?]: "\<And>p. p < size ts \<Longrightarrow> ts ! p \<noteq> Err" |
|
183 by (unfold wt_err_step_def wt_step_def) simp |
|
184 |
|
185 show app: "app p (map ok_val ts ! p)" |
|
186 proof (rule ccontr) |
|
187 from wt lp obtain s where |
|
188 OKp: "ts ! p = OK s" and |
|
189 less: "\<forall>(q,t) \<in> set (err_step (size ts) app step p (ts!p)). t <=_(Err.le r) ts!q" |
|
190 by (unfold wt_err_step_def wt_step_def stable_def) |
|
191 (auto iff: not_Err_eq) |
|
192 assume "\<not> app p (map ok_val ts ! p)" |
|
193 with OKp lp have "\<not> app p s" by simp |
|
194 with OKp have "err_step (size ts) app step p (ts!p) = error (size ts)" |
|
195 by (simp add: err_step_def) |
|
196 with err ts obtain q where |
|
197 "(q,Err) \<in> set (err_step (size ts) app step p (ts!p))" and |
|
198 q: "q < size ts" by auto |
|
199 with less have "ts!q = Err" by auto |
|
200 moreover from q have "ts!q \<noteq> Err" .. |
|
201 ultimately show False by blast |
|
202 qed |
|
203 |
|
204 show "\<forall>(q,t)\<in>set(step p (map ok_val ts ! p)). t <=_r map ok_val ts ! q" |
|
205 proof clarify |
|
206 fix q t assume q: "(q,t) \<in> set (step p (map ok_val ts ! p))" |
|
207 |
|
208 from wt lp q |
|
209 obtain s where |
|
210 OKp: "ts ! p = OK s" and |
|
211 less: "\<forall>(q,t) \<in> set (err_step (size ts) app step p (ts!p)). t <=_(Err.le r) ts!q" |
|
212 by (unfold wt_err_step_def wt_step_def stable_def) |
|
213 (auto iff: not_Err_eq) |
|
214 |
|
215 from b lp app q have lq: "q < size ts" by (rule bounded_err_stepD) |
|
216 hence "ts!q \<noteq> Err" .. |
|
217 then obtain s' where OKq: "ts ! q = OK s'" by (auto iff: not_Err_eq) |
|
218 |
|
219 from lp lq OKp OKq app less q |
|
220 show "t <=_r map ok_val ts ! q" |
|
221 by (auto simp add: err_step_def map_snd_def) |
|
222 qed |
|
223 qed |
|
224 |
|
225 |
|
226 lemma wt_app_eff_imp_wt_err: |
|
227 assumes app_eff: "wt_app_eff r app step ts" |
|
228 assumes bounded: "bounded (err_step (size ts) app step) (size ts)" |
|
229 shows "wt_err_step r (err_step (size ts) app step) (map OK ts)" |
|
230 proof (unfold wt_err_step_def wt_step_def, intro strip, rule conjI) |
|
231 fix p assume "p < size (map OK ts)" |
|
232 hence p: "p < size ts" by simp |
|
233 thus "map OK ts ! p \<noteq> Err" by simp |
|
234 { fix q t |
|
235 assume q: "(q,t) \<in> set (err_step (size ts) app step p (map OK ts ! p))" |
|
236 with p app_eff obtain |
|
237 "app p (ts ! p)" "\<forall>(q,t) \<in> set (step p (ts!p)). t <=_r ts!q" |
|
238 by (unfold wt_app_eff_def) blast |
|
239 moreover |
|
240 from q p bounded have "q < size ts" |
|
241 by - (rule boundedD) |
|
242 hence "map OK ts ! q = OK (ts!q)" by simp |
|
243 moreover |
|
244 have "p < size ts" by (rule p) |
|
245 moreover note q |
|
246 ultimately |
|
247 have "t <=_(Err.le r) map OK ts ! q" |
|
248 by (auto simp add: err_step_def map_snd_def) |
|
249 } |
|
250 thus "stable (Err.le r) (err_step (size ts) app step) (map OK ts) p" |
|
251 by (unfold stable_def) blast |
|
252 qed |
|
253 |
|
254 end |
|
255 |
|